delphi有参call注入 call的参数传递出错？？。(⊙o⊙)有码！

debra

就是id选怪中怪物id怎么作为参数来传递给call_gwid？  
下面是我写的两个call  
前一个是把怪物id作为参数传递， 注入不成功  
另一个是把id直接在call过程里面赋值 注入管用！  

选怪call应该没错吧  
2个button里面就参数变化了一下而已，，
不会delphi语法现学现用排错能力差 delphi好手帮看看哈




代码是在论坛里前辈们发的我试着修改而来。。。  
呵呵，在此也感谢无私发布珍贵资料的人们  
各位有空帮忙看看 感激不尽啦 ~~  
/////////////////////////学着定义的type  
type  
Tm = packed record  
EDX: DWORD;  
end;  
Ptm =^Tm;  


procedure Call_gwid(p:ptm);Stdcall; //call  
var  
Address1:pointer;  
gid:dword;  
begin  
gid:=p^.EDX;  
Address1:=pointer($00597D70);  
asm  
pushad  
mov esi,gid  
push esi  
mov eax,[$998968]  
mov ecx,[eax+$20]  
add ecx,$0d4  
call Address1  
popad  
end;  
end;  


procedure TForm1.btn1Click(Sender: TObject);  
var  
param:Tm;  
a:DWORD;  
begin  
a:= $80000580 ;  
param.EDX:=a;  
ZHru(PID,@call_gwid,@param,SizeOf(param));  
end;  
//////////////////////////////参数定在内部不出错、？？？  
procedure Call_no();Stdcall; //无参all  
var  
Address1:pointer;  
gid:dword;  
begin  
gid:=$80000580;  
Address1:=pointer($00597D70);  
asm  
pushad  
mov edx,gid  
push edx  
mov eax,[$998968]  
mov ecx,[eax+$20]  
add ecx,$0d4  
call Address1  
popad  
end;  
end;  
===========================注入  
procedure TForm1.btn3Click(Sender: TObject);  
var  
param:Tm;  
begin  
ZHru(PID,@call_no,@param,SizeOf(param));  
end;  

///////////////注入函数  
procedure ZHru (pid:Integer;P_call:Pointer;param:Pointer;paramsize:dword);  
var  
hProcess_N: Integer;  
ThreadID:integer;  
ThreadAdd, ParamAdd: Pointer;  
MemSize,lpNumberOfBytes:DWORD;  
//param:TxunguaiCallParam;  
hThread:THandle;  
begin  
//ShowMessage(PChar(p_call));  
ThreadID:=pid;  
hProcess_N:=OpenProcess(PROCESS_ALL_ACCESS,False,ThreadID);  
ThreadAdd:= VirtualAllocEx(hProcess_N, nil, MemSize, MEM_COMMIT, PAGE_READWRITE);  
WriteProcessMemory(hProcess_N, ThreadAdd, P_call, 4096, lpNumberOfBytes);  
ParamAdd:= VirtualAllocEx(hProcess_N, nil, ParamSize, MEM_COMMIT, PAGE_READWRITE);  
WriteProcessMemory(hProcess_N, ParamAdd, @Param, ParamSize, lpNumberOfBytes);  
hThread:=CreateRemoteThread(hProcess_N,nil,0,ThreadAdd,ParamAdd,0,lpNumberOfBytes);  
WaitForSingleObject(hThread,INFINITE);  
VirtualFreeEx(hProcess_N, ThreadAdd, 4096, MEM_RELEASE);  
VirtualFreeEx(hProcess_N, ParamAdd, ParamSize, MEM_RELEASE);  
CloseHandle(hThread);  
CloseHandle(hprocess_n);  
end;  
-------------------------------------------------------------  


祝看帖的各位生活美满工作顺利没结婚的兄弟都能讨个好老婆

debra

原来注入函数里面参数 param参数是pointer 我又在里面写成了@Param 该死的指针
vb里面没有 头大！   
WriteProcessMemory(hProcess_N, ParamAdd, @Param, ParamSize, lpNumberOfBytes);
改成
WriteProcessMemory(hProcess_N, ParamAdd, Param, ParamSize, lpNumberOfBytes);
呵呵 看来还是api函数不理解啊 ~~ 今晚能睡个好觉啦  
祝各位快乐！